Back to skill
Skillv4.0.0
VirusTotal security
ClawDoctor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:25 AM
- Hash
- 212a609739fbffac209b5cbb4929c3403ffdc7fe9f52a6d398a077d45e24947f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawdoctor Version: 4.0.0 The OpenClaw skill 'clawdoctor' is classified as suspicious due to its use of the `openclaw gateway call config.patch` command, which allows it to modify the configurations of other agents, including their system prompts. While the skill's stated purpose is benign (cost optimization) and it includes defensive prompt injection instructions, the ability to alter system prompts represents a significant vulnerability surface. An attacker could potentially exploit the agent's natural language processing capabilities to trick it into generating or applying a malicious `fixPayload` that alters another agent's behavior, even though the current skill does not demonstrate intentional malicious behavior or exfiltration.
- External report
- View on VirusTotal